By Christopher R. Wilder
Research Director & Senior Analyst, TAG Cyber
Recently we had the fortune to speak with Bill Bradley, Sr. Director of Global Marketing for Digital Guardian by HelpSystems, about best practices for improving data security while minimizing data leaks in SaaS solutions.
Digital Guardian has always competed against much larger companies, so they have been forced to be more agile and hands-on with their customers. Digital Guardian’s approach has paid off, especially as more enterprises move to SaaS-based cloud platforms. SaaS applications provide many benefits to the workforce, especially from an efficiency, agility, and functionality perspective. The increase of employees working from home went from 4% pre-pandemic to over 70% during the pandemic. We do not see this ratio changing much; however, many companies will move to a hybrid model.
Even though the adoption of SaaS cloud platforms was already on the rise in recent years, due to the Coronavirus, many companies accelerated their move to the cloud for greater efficiency and better agility. But data theft and data leak risks are something that you should be aware of if you use such SaaS cloud platforms. Here are several best practices to mitigate SaaS-based data leakage:
- DLP must start with the business owners. Organizations must understand what they need to protect and what risks exist. Data Loss Prevention (DLP)is more than a set of tools and processes for assuring customers or their sensitive data is protected and not misused. For example, cloud-based storage providers like Amazon, Google, Microsoft, Rackspace, and other providers incorporating a business-level approach improve data security.
- Secure the endpoint, all the time. With the proliferation of endpoints and remote devices, it has become a daunting task for security teams to detect and detect threats at the endpoint. The biggest challenges created by SaaS include File Security, Insider Threats, Shadow IT, and least privileged access. These endpoints must also have security controls enabled even when disconnected from the corporate network.
- Establish a scenario-driven least privileged access policy. Least privileged access is all about giving enough access and privileges to ensure users have the right access to get the job done. The greater the access they have, the more comprised they can become. Giving too much access increases risk. It is important to have a policy that will fend off insider threats with the flexibility to allow employees to share information data. Overzealous filters create frustration and encourages users to find different ways to share information, thereby opening the organization to increased risk and non-compliance.
- Find a balance between allowing employees to collaborate while protecting sensitive information freely. For nearly all organizations, accidental data loss due to a cyber incident is their biggest priority. However, there must be a balance between effectively protecting the business without negatively impacting the workflows. Data loss brings many issues such as loss of reputation and non-compliance with security frameworks like GDPR, HIPAA, PCI DSS, etc., not to mention expensive lawsuits from those impacted. Most organizations go overboard on "stop and block" policies, making it difficult for teams to collaborate and share information effectively. It is important to find the balance between communications, collaboration, compliance, and sound security policies and practices.
- DLP requires a holistic approach. For organizations to protect their most valuable and sensitive information, they must approach DLP from the top down. It is a business wide approach that combines transparency, education, enforcement, and accountability.
Traditionally, DLP solutions are difficult to deploy and use and this is why organizations need to carefully evaluate any solution for fit with the business. Successful DLP understands both the content and context of the data and adjusts behaviors accordingly. By focusing on content and context, SecOps teams can protect sensitive information from being transferred to the web, cloud, and external SaaS applications like Box, Google Drive, Dropbox, etc. Further, security teams can enforce security and governance policies while reducing their impact on day-to-day operations.
Digital Guardian's solution and the wider HelpSystems data security portfolio assists customers in deploying DLP solutions for endpoint, email, and web. Their approach provides flexible policy and security controls to protect data while allowing collaboration between its employees, SaaS applications, and regulatory compliance.
Read more about HelpSystems from Christopher Wilder.